CVE-2020-10632

EPSS 0.08%
Veröffentlicht 24.02.2022 19:15:08
Zuletzt bearbeitet 21.11.2024 04:55:44
Quelle ics-cert@hq.dhs.gov
CVE-Watchlists
Login
Unerledigt
Login

Inadequate folder security permissions in Emerson OpenEnterprise versions through 3.3.4 may allow modification of important configuration files, which could cause the system to fail or behave in an unpredictable manner.

Betroffene Produkte Warnungen 0 Metriken 4 CWE 1 Referenzen 4

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Emerson ≫ Openenterprise Scada Server Version <= 3.3.4

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.08%	0.241

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	5.3	3.9	1.4	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
nvd@nist.gov	5	10	2.9	AV:N/AC:L/Au:N/C:N/I:P/A:N
ics-cert@hq.dhs.gov	8.8	2	6	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

CWE-282 Improper Ownership Management

The product assigns the wrong ownership, or does not properly verify the ownership, of an object or resource.

https://www.cisa.gov/uscert/ics/advisories/icsa-20-140-02

Third Party Advisory

US Government Resource

Mitigation

https://nvd.nist.gov/vuln/detail/CVE-2020-10632

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2020-10632

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2020-10632

EUVD